#!/bin/bash
# Host bootstrap: appends a command-logging snippet to /etc/profile, rewrites
# /etc/ssh/sshd_config for key-only logins, and creates the sudo-capable
# account "lyf". It writes under /etc, /home and /var/log, so it is expected
# to be run as root.
#
# -e: stop at the first command that fails.
# -u: treat expansion of an unset variable as an error.
set -eu

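#######################################
# Keep a pristine copy of a file, or put that copy back.
#
# First call for a path: copies FILE to FILE.bak.
# Later calls (FILE.bak already exists): copies FILE.bak back over FILE, so a
# re-run of this script starts from the original content again instead of
# stacking its changes on top of a previous run.
#
# Arguments: $1 - path of the file; symlinks are resolved with readlink -f
# Returns:   non-zero if readlink or cp fails (aborts the script under set -e)
#######################################
backup() {
    # Declared separately from the assignment so a readlink failure is not
    # masked by the exit status of 'local'.
    local target
    target=$(readlink -f -- "$1")
    # Every expansion is quoted: paths containing spaces or glob characters
    # must reach cp as a single argument.
    if [ -f "$target.bak" ]; then
        cp -- "$target.bak" "$target"
    else
        cp -- "$target" "$target.bak"
    fi
}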

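# Snapshot /etc/profile on the first run; on a re-run the snapshot is restored
# first, so the snippet below is never appended twice.
backup /etc/profile

# Append a per-prompt command logger to the system-wide profile.
#
# The here-document delimiter is quoted, so the text is written verbatim and
# every $... in it is expanded later by the login shell, not by this script.
#
# What the snippet does:
#  - PROMPT_COMMAND appends one line per prompt to $HISTORY_FILE: timestamp,
#    $USER, $SSH_CLIENT, $SSH_TTY and the text of the last history entry.
#  - The command text is handed to printf as an argument and read with
#    'read -r', so '%' sequences and backslashes in it are recorded unchanged
#    (as part of a date format string they would be rewritten in the log).
#  - The history variables are marked read-only in the login shell.
#  - PATH uses $HOME/bin: a '~' inside double quotes is not expanded and would
#    be stored literally.
#
# NOTE(review): this is accountability logging, not a tamper-resistant audit
# trail. The read-only marks exist only in shells that read /etc/profile,
# HISTCONTROL=ignoreboth keeps duplicate and space-prefixed commands out of
# history, and the log file is writable by every account. Where a complete
# record is required, pair it with auditd or pam_tty_audit and ship the log
# off-host.
# NOTE(review): per-user rc files that assign HISTSIZE/HISTCONTROL etc. will
# report "readonly variable" once these marks are in place — confirm that is
# acceptable. 'shopt' is bash-only; /etc/profile may also be read by other
# login shells.
# NOTE(review): $HOME/bin is placed ahead of the system directories for every
# login, so files there shadow system commands for that account; consider
# appending it instead.
cat >>/etc/profile <<'EOF'

export HISTORY_FILE='/var/log/shell.log';
export PROMPT_COMMAND='{ printf "%s [ USER:%s IP:%s PS:%s ] %s\n" "$(date "+%Y-%m-%d %T")" "$USER" "$SSH_CLIENT" "$SSH_TTY" "$(history 1 | { read -r x cmd; printf "%s\n" "$cmd"; })"; } >>"$HISTORY_FILE"';

export HISTCONTROL=ignoreboth
export HISTSIZE=1000
export HISTFILESIZE=2000

typeset -r PROMPT_COMMAND;
typeset -r HISTORY_FILE;
typeset -r HISTCONTROL;
typeset -r HISTFILE;
typeset -r HISTFILESIZE;
typeset -r HISTIGNORE;
typeset -r HISTSIZE;
typeset -r HISTTIMEFORMAT;
shopt -s cmdhist;
shopt -s histappend;

export PATH="$HOME/bin:$PATH";

EOF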

# Snapshot the distribution's sshd_config (or restore it on a re-run) before
# it is replaced wholesale below.
backup /etc/ssh/sshd_config

# Write the replacement sshd_config one directive per line. The file is
# overwritten, not merged: any setting the previous file carried is gone
# unless it is listed here or lives in a drop-in.
{
    # Drop-ins are read first. sshd keeps the first value it sees for a
    # keyword, so a file in sshd_config.d can override the lines below —
    # NOTE(review): confirm the effective settings with `sshd -T`.
    printf '%s\n' 'Include /etc/ssh/sshd_config.d/*.conf'
    printf '%s\n' 'MaxAuthTries 6'
    printf '%s\n' 'MaxSessions 10'
    # Keyboard-interactive authentication off (newer OpenSSH spells this
    # keyword KbdInteractiveAuthentication).
    printf '%s\n' 'ChallengeResponseAuthentication no'
    printf '%s\n' 'UsePAM yes'
    # NOTE(review): X11 forwarding is left on; turn it off unless it is needed.
    printf '%s\n' 'X11Forwarding yes'
    printf '%s\n' 'PrintMotd no'
    printf '%s\n' 'AcceptEnv LANG LC_*'
    printf '%s\n' 'Subsystem sftp /usr/lib/openssh/sftp-server'
    printf '%s\n' 'UseDNS no'
    # IPv4 only.
    printf '%s\n' 'AddressFamily inet'
    printf '%s\n' 'SyslogFacility AUTHPRIV'
    # Key-only logins, and none for root.
    printf '%s\n' 'PermitRootLogin no'
    printf '%s\n' 'PasswordAuthentication no'
} >/etc/ssh/sshd_config

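# Create the admin account: home /home/lyf, bash as login shell, member of the
# sudo group. Options are given before the login name.
useradd -m -d /home/lyf -s /bin/bash -G sudo lyf
mkdir -p /home/lyf/.ssh
# Only the account owner needs to reach the key directory.
chmod 700 /home/lyf/.ssh
chown -R lyf /home/lyf

# Install the single authorised public key. The file is created after the
# chown above, so it stays owned by whoever runs this script.
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPEkDdmifjm5Udyp5x4WVJ4g4zYvs1YxKeHGUDWMOj5FWvg9dePy/SDByhGU0Eh5NJkDuQGGnw1hr/5V/+qFgzJAgmY45gUrGymNsunFjDOYbEaKZiOXqeJP1+N2inDNveqnCBO07pdu8KkEzUbb7uhLRjIoV/YFozPq+TBsgYvqX8pdl8ptTLobvxNGahY7v7aU35wr00njGMHNiCP0IPsoomL70ivNYS2jo5N4SiYNKnCQMEPsJWQXsmfhwq/GUONcOektfONrdPZEe0bQBo3mEdZ2UompS4cZCxSuGblP+hVAnCQxmk9JS+RpXCx6OCaVs5kYsMX7ggX2iu4PUXQGZnF5D3cSIxMN3041bXrlOT5Kw0ZBSPd2mlYYpIbQyh1hY90xNofO1yKCmxZmydk6F1QNGRHHlowPF30K2jEorEwSfSH84jk21WUE/NwehViTl9ZFnleX9qLobdIz8JZHPFexiDRVJGiQnU863tkgH8eVNpJMVjd+1UuqBPw6s= u0_a198@localhost' >/home/lyf/.ssh/authorized_keys

# Start the command log as a file holding a single newline.
printf '\n' >/var/log/shell.log

chmod 644 /home/lyf/.ssh/authorized_keys
# Mode 666 lets every account's PROMPT_COMMAND append to the log. It also
# lets every local user read everyone's command lines (which can include
# secrets typed as arguments) and append lines of their own.
# NOTE(review): appending needs write permission only — consider removing
# read access for group/other and forwarding the log off-host.
chmod 666 /var/log/shell.log

# +i: the key file cannot be changed, renamed or deleted until the flag is
# cleared. +a: the log can only be appended to, not rewritten or truncated.
# NOTE(review): lyf is in sudo, so these flags guard against accidental or
# scripted edits rather than against the account owner.
chattr +i /home/lyf/.ssh/authorized_keys
chattr +a /var/log/shell.log

# The prompt text is Chinese for "set password". The password is read
# interactively by passwd; SSH password login is disabled in the sshd_config
# written by this script.
echo '设置密码'
passwd lyf
# The new sshd_config takes effect only after sshd is restarted. Validate it
# with `sshd -t` first and keep the current session open until a fresh login
# has been confirmed.
# service sshd restart

# Manual rollback of the account and the log:
# userdel lyf && chattr -i /home/lyf/.ssh/* && rm -rf /home/lyf && chattr -a /var/log/shell.log && rm /var/log/shell.log

# NOTE(review): a plaintext string that looked like a credential was recorded
# in a comment here and has been removed. If it was ever a real password,
# treat it as exposed and rotate it; keep secrets out of the script.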


